Archive for October 22nd, 2017

How to check Linux OS install date / How long ago was Linux installed

Sunday, October 22nd, 2017

If you're sysadmin who inherited a few hundreds of Linux machines from a previous admin and you're in process of investigating how things were configured by the previous administrator one of the crucial things to find out might be

How Long ago was Linux installed?

Here is how to check the Linux OS install date.

The universal way nomatter the Linux distribution is to use fullowing command:

 

root@pcfreak:~# tune2fs -l /dev/sda1 | grep 'Filesystem created:'
Filesystem created:       Thu Sep  6 21:44:22 2012

 

 

Above command assumes the Linux's root partition / is installed on /dev/sda1 however if your case is different, e.g. the primary root partition is installed on /dev/sda2 or /dev/sdb1 / dev/sdb2 etc. just place the right first partition into the command.

If primary install root partition is /dev/sdb1 for example:
 

root@pcfreak:~# tune2fs -l /dev/sdb1 | grep 'Filesystem created:'

 


To find out what is the root partition of the Linux server installed use fdisk command:

 

 

 

root@pcfreak:~# fdisk -l

 

Disk /dev/sda: 465,8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00051eda

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048 965193727 965191680 460,2G 83 Linux
/dev/sda2       965195774 976771071  11575298   5,5G  5 Extended
/dev/sda5       965195776 976771071  11575296   5,5G 82 Linux swap / Solaris

Disk /dev/sdb: 111,8 GiB, 120034123776 bytes, 234441648 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000

 


Other ways to check the Linux OS install date on Debian / Ubuntu / Mint etc. deb. based GNU / Linux

 


Deban based Linux distributions do create an initial /var/log/installer directory containing various install information such as hardware-summary, partition, initial installed deb packages, exact version of Linux distribution, and the way it was installed either it was installed from an ISO image, or it was network install etc.

 

root@pcfreak:~# ls -al /var/log/installer/
total 1228
drwxr-xr-x  3 root root   4096 sep  6  2012 ./
drwxr-xr-x 72 root root  12288 окт 22 06:26 ../
drwxr-xr-x  2 root root   4096 sep  6  2012 cdebconf/
-rw-r–r–  1 root root  17691 sep  6  2012 hardware-summary
-rw-r–r–  1 root root    163 sep  6  2012 lsb-release
-rw——-  1 root root 779983 sep  6  2012 partman
-rw-r–r–  1 root root  51640 sep  6  2012 status
-rw——-  1 root root 363674 sep  6  2012 syslog

 

If those directory is missing was wiped out by the previous administrator, to clear up traces of his previous work before he left job another possible way to find out exact install date is to check timestamp of /lost+found directory;
 

root@pcfreak:~# ls -ld /lost+found/
drwx—— 2 root root 16384 sep  6  2012 /lost+found//

 

Check OS Linux install date on (Fedora, CentOS, Scientific Linux, Oracle and other Redhat RPM based Distros)

 

[root@centos: ~]# rpm -qi basesystem
Name        : basesystem
Version     : 10.0
Release     : 7.el7
Architecture: noarch
Install Date: Mon 02 May 2016 19:20:58 BST
Group       : System Environment/Base
Size        : 0
License     : Public Domain
Signature   : RSA/SHA256, Tue 01 Apr 2014 14:23:16 BST, Key ID     199e2f91fd431d51
Source RPM  : basesystem-10.0-7.el7.src.rpm
Build Date  : Fri 27 Dec 2013 17:22:15 GMT
Build Host  : ppc-015.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
Summary     : The skeleton package which defines a simple Red Hat Enterprise Linux system
Description :
Basesystem defines the components of a basic Red Hat Enterprise Linux
system (for example, the package installation order to use during
bootstrapping). Basesystem should be in every installation of a system,
and it should never be removed.

 

Check TOP Memory and CPU use with ps command on Linux

Sunday, October 22nd, 2017

linux-command-toolbox-how-to-check-maximum-cpu-load-and-max-memory-usage-with-ps-on-linux

There are plenty of software to check the GNU / Linux Server Load bottlenecks such as top / tload / slabtop / htop but for shell scripting purposes or perl  / python / ruby automation Dev Ops scripts and various Web and Middleware Tasks it is always better to know how to print list the TOP Memory and CPU consumption processes on Linux.

Below are two easy commands you can use to check out, which process is the most memory hungry and which running daemon (MySQL / PostgreSQL / Apache whatever) is the overloading your *nix server CPU.

TOP Memory use sorted by process memory max consumption

 

ps aux  | awk '{print $6/1024 " MBtt" $11}'  | sort -n

 


TOP CPU use sorted y running daemon
 

ps -eo pcpu,pid,user,args | sort -k 1 -r | head -10


Enjoy 🙂

Check Windows install date / Howto find install time and date / Check how old is Windows

Sunday, October 22nd, 2017

how-to-find-windows-install-date-change-windows-install-date-change-file-folder-creation-date-howto

Just like us people operating systems have age, they have stages of young, teenage, grow up and old 🙂

Finding out how old is Windows as Operating System is important task for Windows system administrator and Tech support and can help you decide whether the OS requires a fresh reinstall as Windows is known historically to start misbehaving with its aging and especially for Computer Technicians / Support that have Windows Support clients or for Computer Clubs support guys, it is a among the good practices to re-install Windows every few years (every 3 / 4 years for servers to 7 years for Win Servers) and for Desktop or Gamers PCs the lifecycle of OS often much less, a reinstall is required every 2, 2.5 years or so.

Of course Desktop PC Windows users are much more prone to the requirement for frequent reinstalls, because they tend to install a lot of shit cracked, software games and a lot of ugly stuff, that infests the PC and fills up registry with a lot of broken and useless content.

Finding out, the install date of Programs (Applications) in Windows

 

1. In registry: HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstall

InstallDate
YYYYMMDD (eg 20090301 for here March 1, 2009)


2. Through Control Panel -> Programs and Features

From Column:

"Installed on"


Determine the install date of Windows
 

1. In command line you have to issue:
 

systeminfo|find /i "original"

 


systeminfo-find-original-windows-server-screenshot-get-windows-install-date-howto

Note that this command will work on Windows Servers 2003, 2007, 2010 and Windows XP, 7, 8 but will show empty result on Windows 10

 

 

2. In cmd (command prompt):
 

WMIC OS GET installdate


systeminfo-find-original-windows-server-screenshot-get-windows-install-date-howto1

 

Reult you will get will be like:
20131019011658

Deciphered this Windows install date is on: 2013(year) 10(month) 19(date) 01(hour) 16(minutes) 58(seconds)
 

3. Another way to get the OS install date via Windows Registers:

 

HKLMSOFTWAREMicrosoftWindows NTCurrentVersionInstallDate

 

 

You will find  therea record number like 1414160971, to get the actual date you have to convert that to decimal
Конвертира се в decimal, и примерно излиза: 1414160971

To convert for those who have GNU / Linux or *BSD at hand the easiest way to convert it is to use below command that converts from unix timestampt to readable date command output:

 

 

echo 1414160971 | gawk '{print strftime("%c", $0)}'
24.10.2014 (fr) 17:29:31 EEST

 

For those that doesn't have GNU / Linux at hand you can use this online tool for conversion unix timestamp to readable output


How to edit creation date, and date of file or folder edit in Windows?

Как да се редактира дата на създаване, дата на редактиране на файл или папка под Windows:

Well why would you want to change the creation date of Windows install or creation date of file or folder edit in Windows?
Well just for the fun or because it can 🙂

Actually a lot of Windows white hats and mostly Script Kiddies (malicious crackers) do use this feature to falsify changed files in Windows lets say system files or any other Windows file, sometimes dumping the install date could be useful in computer data theft investigations or by crackers (please don't mix it with hackers, because term hacker is to be coined for a genius programmers and playful people).

It is possible to do a lot if not everything via Windows registry but perhaps the best way is to use a simple tool Attribute Changer, that is capable to change Windows file, folder and windows install creation date.